The following interview is a conversation we had with Bill Moore, CEO and Founder of XONA, on our podcast Category Visionaries. You can view the full episode here: $30 Million Raised to Build the Future of OT User Access
Brett
Welcome to Category Visionaries, the show dedicated to exploring exciting visions for the future from the founders who are on the front lines building it. In each episode, we’ll speak with a visionary Founder who’s building a new category or reimagining an existing one. We’ll learn about the problem they solve, how their technology works, and unpack their vision for the future. I’m your host, Brett Stapper, CEO of Front Lines Media. Now let’s dive right into today’s episode. Hey everyone. And welcome back to Category Visionaries. Today we’re speaking with Bill Moore, CEO and Founder of XONA Systems, an OT user access platform that’s raised over 30 million in funding. Bill, how are you?
Bill Moore
Hey, how’s it going, Brett?
Brett
It’s going great and super excited to have you here. Let’s go ahead and jump right in. Talk to us about what you’re building.
Bill Moore
Yeah, so we’re building a secure access platform. You know, I think initially when we started out a few years back, were trying to solve a problem of making just secure remote access simpler and, you know, and just really trying to make it easier on the OT community, you know, where in the past, you know, I think when you look at sort of it’s about 20 years of sort of bolted on technology for secure mode access. But today we’re really expanding that beyond remote access. It’s really more of a platform around secure user access.
Brett
Take us back to 2017, the founding of the company. What were those early days like and what was that aha. For you to say, yep, that’s it. I’m going to go dedicate the next 10 plus years of my life to solving this problem.
Bill Moore
Yeah, no thanks, Brett. That’s a good question. I mean, when I started the company, you know, it was really the whole idea was around providing a simpler, more secure way to do no data in transit kind of access. Right. So how can I make VDI essentially easier and more compact? Right. So we initially started talking with kind of the DoD and special ops command and, you know, this was kind of an idea. And I had been working for a number of startups and one of the startups, you know, cybersecurity startup, you know, guy that I knew that did rapid software prototyping at no such agency. And so we started kind of brainstorming and you know, we found some really, really rough open source and kind of started building on that.
Bill Moore
But, you know, essentially it was just about kind of collapsing a lot of the sort of the tools around how people access Both from an authentication and authorization standpoint. And then eventually it became now a platform. But yeah, it was kind of interesting how we start we got into OT because initially I was kind of thinking more on the DOD side. And most of our business now is commercial, so it’s interesting.
Brett
And as you were making your way through your career, did you have in the back of your mind, like, I’m just gathering knowledge, you know, gathering life lessons and then someday to go out and build a company or like, where did that desire to go out and do your own thing come from?
Bill Moore
Well, you know, I started back in the late 90s in IT operations and IT security operations and you know, so I got the interest on the tech side early on and then I ended up taking a job with a startup in the early 2000s or 20 years ago really. And I kind of got the bug. You know, I call myself kind of a serial startup employee. I went from cybersecurity company startup, pre IPO to the next one and helped build. Really most of my career has been on the public sector side, but you know, now ironically I’m, you know, spending most of my time on the private sector side. So it’s kind of interesting how things evolve. But yeah, I think I was gathering a lot of information because, you know, I had a lot of different roles.
Bill Moore
I mean, I was a sales engineer, I was doing bd, I did marketing for stint, you know, so I kind of jumped around from doing different things, but. But always really kind of on the front end of working with customers and trying to solve challenges that they had and big problems.
Brett
And let’s talk about the timeline. So from when you had the idea to when you had a product that you had customers paying you for, how much time had passed?
Bill Moore
Yeah, so it was probably about one year until we had our first purchase order. Right. And what was kind of interesting was in the early days we really didn’t have a complete product. It was really kind of a prototype. And I was like, well, let’s get this out in front of a few customers and try to get some beta testers. And strangely enough, I was, you know, obviously when you start companies, you know, it wasn’t like I had nothing going and then all of a sudden somebody drops $10 million. You know, I had to kind of get the idea out there and find an initial customer. And so obviously I’m still working. Right. I’m kind of moonlighting this part time. And I was actually doing some consulting on Meta, a SCADA engineer for a large natural gas distributor at an event.
Bill Moore
He was on a panel. I just went up and talked to him. And this was really before we had a product. And, you know, I was doing some consulting for another company that did really more around visibility, you know, and asset detection and all of that. And, you know, went in there and started talking about that and started learning about the OT business, you know, industrial control systems business and security. And, you know, really the aha moment was when I realized that it was him and this other guy that were really running this huge natural gas distributor. They have a million customers, and, I mean, they had a lot of technicians and stuff, but these guys seem to be really understanding the entire infrastructure.
Bill Moore
And I was like, you guys can’t ride in a car together because, you know, the things would fall apart and, you know, much less they needed more people on the OT side, and they had zero IT administrative support. And I just happened to whiteboard with them one day and just was asked and how they did remote operations, you know, and they started explaining how, oh, yeah, they dragged everything we had in the IT side over to the OT side. So, you know, all of these different pieces of technology that were, you know, older technologies, from jump servers and VPNs, to legacy domain controllers to legacy MFA, and all of this stuff was kind of put together and pretty complex, expensive, and really not what they wanted. You know, it was something, and they couldn’t really manage it.
Bill Moore
You know, they’re on a skeleton crew as it was. So, yeah, I started. That was really the aha moment. It was funny because I called my partner, I said, hey, I want to do a demo. And he’s like, what are you talking about? I said, you know, I’m at this natural gas distributor and I want to do a demo of the product. He goes, well, it’s not really a product. I’m like, I know. I just want to show him something, right? So I actually. The first demo of the product was actually at the customer site to a basement at my partner’s house. And so we showed him kind of what were building, right, and what we wanted to build. And he said, this is exactly what we need. And I said, oh, cool. You know, we have a beta customer.
Bill Moore
I said, well, could you be a beta customer when we have it ready? And he goes, no, you let me know when it’s ready and I’ll buy it. So that was it. That was the beginning. That’s awesome.
Brett
What about the marketing strategy? So maybe we can talk through any of the evolutions that you’ve seen from a marketing strategy perspective. What did the marketing strategy start out as and what does it look like today?
Bill Moore
Well, yeah, I mean, early days I was wearing the marketing hat and you know, doing a lot of that. You know, we kind of really spent the early days kind of building the product and then I was going out. I call it guerrilla marketing. You know, in the early days of just going to events and shaking hands, you know, we couldn’t afford a booth and all of that. But, you know, as we’re evolving today, I mean, our marketing strategy is evolved a lot. I mean, we have channels, you know, and I kind of look at that as sort of the four legs of the channel ecosystem around, you know, OEMs. So, you know, we have a partnership, for instance, with GE and you know, other OEMs that we’re working with.
Bill Moore
And then there’s also sort of the big bar and integrator partners or bars, and then kind of your big integrators and then the technology alliances. So now we have kind of multi channel marketing. You know, we’re now starting to market into more than a few market segments. So it’s getting interesting. And also we’re a global company as well because we probably about a year after our first customer, we signed a global agreement with GE and so they’ve deployed us into over 35 countries. Now we’re in the gas. Power generation is most of where those deployments have been.
Brett
What about your market category? When it comes to the market category, what category are you in?
Bill Moore
Yeah, this sounds like a Gartner question. Yeah, look, I think the market category is really probably in sort of the identity and access management. Slash. Pam, if I was to like pick a category. But what’s interesting is, you know, we’re really kind of redefining identity and access management for OT and for the industrial enterprises. And I think we’re really kind of creating a new category in the sense that in it, you know, users interact with data essentially in applications and in ot. Users are interacting with machines and operational processes and the needs on The OT side are different. I mean, there’s cultural differences, but it’s very different in how in some of the things that you can do on the OT side that are just not practical in it.
Bill Moore
For instance, you know, if you want to record all the interactions with the digital interface, with a screen, let’s say, you know, an ot, you can do that pretty easily and store, you know, a lot of interactions. Because unlike it, where somebody could be in an Excel spreadsheet for eight hours, nobody wants to watch a movie of somebody moving around an Excel spreadsheet for eight hours. You know, in the case of ot, sometimes it’s eight minutes or eight seconds that somebody’s interfacing with these things, they’re checking something, they’re clicking on something, and then that’s it. And so being able to record that interaction is something that’s important. You know, from operational process training as well as forensics and cybersecurity.
Brett
You mentioned Gartner there. How actively do you work with Gartner or similar firms to really shape this category narrative?
Bill Moore
Yeah, so, you know, we’ve started the conversation with Gartner, I think evolve more next year, you know, because we are seeing as we’ve evolved our secure access platform is that there’s a lot of stakeholders, right? It’s not just the SCADA engineer, control systems engineer, you know, it’s also the IT operations person. And a lot of times IT all the way up to the ciso, right, because they’re thinking about strategies around how do we provide a way of protecting our critical systems, right, that are the lifeblood of the business.
Bill Moore
And so, you know, we talk to a lot of different folks across and that’s kind of where Gartner comes in because they’re a little bit more on the IT centric side, but there’s a ARC Advisory council that kind of is the Gartner for ot, you know, obviously a lot smaller, but you know, they bring a lot of folks in to kind of help, you know, draft and go, you know, where’s everything going? And there’s a big conference in Florida every year called S4. And you know, and that’s where a lot of folks gather on the OT cybersecurity side as well.
Brett
You know, this could be completely wrong, but just from my perspective, what I see, it seems like there wasn’t a huge amount of money going into OT for a long time and now it seems like there’s been a shift and there are more and more startups, there’s more venture capital flowing to ot. Is that accurate or am I off there?
Bill Moore
Oh yeah, I think, you know, especially over the last six or eight years, right, we’ve seen, yeah, huge companies a lot. Some have already been acquired by large IT companies. You know, you have very large OT visibility companies like Dragos and Izomi and Clarity and so forth. You know, so there’s been a lot of that’s been put in. There’s still a long ways to go there. It’s still, I think fairly early days. And then on the identity access management side, I think it’s, you know, they’re looking for tools that can fit into that environment. And you know, the IT tools in many cases are kind of, you know, square peg, round hole. Right. It just doesn’t work well because there’s so many integrations, interdependencies on the IT side.
Bill Moore
And OT side needs something, you know, much simpler and really addressing the needs in OT which are really around availability and safety and not so much the integrity and confidentiality of data. Right.
Brett
As you reflect on the journey so far, what would you say was the most important go to market decision that you’ve made? And can you take us behind the scenes on how you made that decision? Decision?
Bill Moore
Yeah, I think just recently, you know, we’ve brought in additional funding and you know, we’ve aligned, we’ve been very fortunate with our VCs and investors because they kind of have set up the nexus of cybersecurity and energy which the energy being still our largest market segment. So when I say energy that could be also utilities and so forth. But yeah, I think the alignment there and really focusing in and expanding that market segment globally, you know, leveraging what we had done before with GE and really focusing on, you know, an indirect model around key market geographic segments as well as the energy and now, you know, manufacturing and other industrial sectors as well. But we’ve taken a measured approach in our go to market and you know, it’s very difficult to boil the ocean.
Bill Moore
This is a very large total addressable market that we’re trying to tackle. So it’s really, I think, been the focus and alignment that we’ve had, that’s been our go to market.
Brett
And let’s talk a little bit about money and fundraising, as I mentioned there in the intro, over 30 million raised to date. What have you learned about fundraising throughout this journey?
Bill Moore
Yeah, well, one thing I’ve learned is, you know, you get more no’s from venture capitalists than you do from prospective customers. So you gotta have thick skin. I think when we started first started raising money, I think people didn’t really understand ot and I think we’ve kind of moved from there and it’s becoming more mature and there’s also the models around, you know, the business there has been more capital intensive. When I say that, you know, there’s in the IT world or in the SaaS world, it’s you know, subscription based and ARR based and OTs come around over the last couple of years. But initially, you know, they like doing big capital projects and so kind of trying to align and get to the right people.
Bill Moore
And I think it’s evolving now where I think there’s going to be even more venture capital interest just because it is really heavily involved now. And I think the cultures are finding common ground right between IT and ot.
Brett
Final question for you. Let’s zoom out three to five years into the future. What’s the big picture vision look like?
Bill Moore
Yeah, I think we’re going to continue to expand geographically. We have teams in Europe, the Middle east as well as APAC and obviously teams in North America. But really going out beyond just manufacturing and energy and utilities, but also other critical infrastructure segments. You know, we have customers in transportation and DoD, but also healthcare and financials because these are regulated industries. And I think they’re also looking for simpler and more secure ways of providing access to their most critical assets and critical systems. So you know, we really want to be that central secure access platform, both for IT to OT in kind of these convergence of these networks as well as remote and OT only. So we have a lot of flexibility in the way we’re building our platform that can be strictly an OT network or IT to OT or eventually ITself. Right.
Bill Moore
For critical IT assets.
Brett
Amazing. I love the vision. I really love this conversation we’re going to wrap here. Before we do, if there’s any founders that are listening in that want to follow along with this journey, where should we send them?
Bill Moore
Yeah, I mean we’re on LinkedIn obviously. You know, just XONA Systems on LinkedIn websites xonasystems.com you can go there and we have ton of information, data sheets, you know, if you want to see a demo of the product, it’s simple, you know, we have a form you can fill out to get a demo.
Brett
Amazing. Bill, thank you so much for taking the time.
Bill Moore
Yep, thanks very much, Brett. Appreciate it.
Brett
This episode of Category Visionaries is brought to you by Front Lines Media, Silicon Valley’s leading podcast production studio. If you’re a B2B Founder looking for help launching and growing your own podcast, visit frontlines.io Podcast, and for the latest episode, search for Category Visionaries on your podcast platform of choice. Thanks for listening and we’ll catch you on the next episode.
Twitter
facebook
linkedin